<?php
	class user extends BaseController{
		//public $security_level = SECURITY_LEVEL_USER;
		public function getData($in_params){
			if(!isset($_SESSION["warnings"]) || (isset($_REQUEST["list"]) && ($_REQUEST["list"] == "warnings"))){
				$this->action_getWarningList($in_params);
			}		
				
			$user_id = $_SESSION["user"]["id"];
			$user_password = $_SESSION["user"]["password"];
			$this->template_data['pass'] = $user_password;
			$rights = new m_rights();
		
			$sql_join_rooms=" LEFT JOIN `rooms` ON `rights`.`room_id` = `rooms`.`room_id`";
			$sql="SELECT *,`rooms`.`room_id` AS `room_id` FROM `rights`" . $sql_join_rooms;
			$data5 = $rights->query($sql);
			$this->template_data['table'] = $data5;
			
			
			$watched_rooms = $rights->select("", array("user_id" => $user_id, "watch" => true));
			$room_ids = array();
			
			foreach ($watched_rooms as $r) {
				$room_ids[] = $r->room_id;
			}
			
			$where_clause = "`room_id`=" . implode(" || `room_id`=", $room_ids);
			
			$equipments = new m_equipment();
			$this->template_data["watch_count"] = $equipments->selectCount("", $where_clause);
			
			general::debug("template data", $this->template_data);
			$sub = $_REQUEST;
			$this->template_data["sub"]=$sub;
			
			$data = new m_room();
			
			$miest=$data->select();
			
			
			$this->template_data["miestnosti"] = $miest;
			$this->template_data["table_headers"] = array(
				"equipment_id" => "#",
				"equipment_name" => "Názov",
				"date_added" => "Dátum pridania",
				"category_name" => "Kategória",
				"room_name" => "Miestnosť",
				"person_name" => "Zodpovedná osoba",
				"equipment_info" => "Popis",
				"tools" => "Nástroje",
			);
			
					
			
			return;
		}
		
		private function data_getDataForTable($where){
			$user_id = $_SESSION["user"]["id"];
			$rights = new m_rights();
			
			$equipments = new m_equipment();
			$category = new m_equipment_category();
			$persons = new m_person();
			$rooms = new m_room();
			
			$sqlJoinPersons = " LEFT JOIN `" . $persons->get_default_table_name() . "` ON `" . $equipments->get_default_table_name() . "`.`owner_id` = `" . $persons->get_default_table_name() . "`.`person_id` ";
			$sqlJoinRooms = " LEFT JOIN `" . $rooms->get_default_table_name() . "` ON `" . $equipments->get_default_table_name() . "`.`room_id`=`" . $rooms->get_default_table_name() . "`.`room_id` ";
			$sqlJoinRights = " LEFT JOIN `" . $rights->get_default_table_name() . "` ON `" . $equipments->get_default_table_name() . "`.`room_id`=`" . $rights->get_default_table_name() . "`.`room_id` AND `" . $rights->get_default_table_name() . "`.`user_id` = " . $user_id . " ";
			$sqlJoinCategory = " LEFT JOIN `" . $category->get_default_table_name() . "` ON `" . $equipments->get_default_table_name() . "`.`category_id` = `" . $category->get_default_table_name() . "`.`category_id` ";
			
			$sql = "SELECT * FROM  `" . $equipments->get_default_table_name() . "`" . $sqlJoinPersons . $sqlJoinRooms . $sqlJoinRights . $sqlJoinCategory . $where; 
			
			$data = $equipments->query($sql);
			
			$now = new DateTime();
			foreach ($data as &$eq) {
				$date = new DateTime();
				$date->setTimestamp($eq["date_added"]);
				$lifetime = DateInterval::createFromDateString($eq["lifetime"]." year");
				$date->add($lifetime);
				$eq["DT_RowClass"] = ($date < $now) ? "mark" : "";
			}
			
			$_SESSION["debug_data"] = $data;
			
			
			
			
			$output = array(
				"data" => $data,
				"sql" => $sql
			);
			return $output;
		}
		
		
		public function action_newPass($in_params){
			$user=new m_user();
			$user->select("", array("id"=>$_SESSION["user"]["id"]));
			
			if(($in_params["password1"]==$in_params["password2"])&&(strlen($in_params["password1"])>4)){	
				$user->password=md5($in_params["password1"]);
				$user->update();
			}
		}
		
		public function action_getWatcheList($in_params){
			$user_id = $_SESSION["user"]["id"];
			$rights = new m_rights();
			
			$watched_rooms  = $rights->select("", array("user_id" => $user_id, "watch" => true));
			$room_ids = array();
			foreach ($watched_rooms as $r) {
				$room_ids[] = $r->room_id;
			}
			
			$where_clause = "WHERE `rooms`.`room_id`=" . implode(" || `rooms`.`room_id`=", $room_ids);
			
			return $this->data_getDataForTable($where_clause);
		}
		
		public function action_getWarningList($in_params){
			$user_id = $_SESSION["user"]["id"];
			$rights = new m_rights();
			
			$watched_rooms  = $rights->select("", array("user_id" => $user_id, "watch" => true));
			$room_ids = array();
			foreach ($watched_rooms as $r) {
				$room_ids[] = $r->room_id;
			}
			
			$where_clause = "WHERE `rooms`.`room_id`=" . implode(" || `rooms`.`room_id`=", $room_ids);
		
		    $output = $this->data_getDataForTable($where_clause);
		
			$result["sql"] = $output["sql"];
			
			$c = 0;
			foreach ($output["data"] as $eq) {
				if ($eq["DT_RowClass"] == "mark"){
					$result["data"][] = $eq;
					$c++;
				}
			}
			
			$_SESSION["warnings"] = $c;
			return $result;
		}
		
		public function action_processDataRequest($in_params){
			$where = "";
			if (isset($_REQUEST["key"], $_REQUEST["value"])){
				$where = "WHERE `".$_REQUEST["key"]."` LIKE '%".$_REQUEST["value"]."%'";  
			}
			
			return $this->data_getDataForTable($where);
		}
		
		public function action_getRooms($in_params){
			$rooms = new m_room();
			$data = $rooms->select();
			foreach($data as $room){
				$result[] = $room->room_name;
			}
			return array("result" => $result);
		}
		
		public function action_getPersons($in_params){
			$persons = new m_person();
			$data = $persons->select();
			foreach($data as $person){
				$result[] = $person->person_name;
			}
			return array("result" => $result);
		}
		
		public function action_getCategories($in_params){
			$categories = new m_equipment_category;
			$data = $categories->select();
			return $data;
		}
		
		public function action_addEquipment($in_params){
			$rights = new m_rights();
			$user_id = $_SESSION["user"]["id"];
			$isAdmin = $_SESSION["user"]["security_level"] >= SECURITY_LEVEL_ADMIN;
			$equipment = new m_equipment();
			$person = new m_person();
			$room = new m_room();
			$success = true;
			$message = false;
			if ($room->select('', array("room_name" => $_REQUEST["room-name"]))){
				$rights->select("", array("room_id" => $room->room_id, "user_id" => $user_id));
				if (!$rights->add){
					$success = false;
				}
			} else {
				$success = false;
			}
			if (!$success && !$isAdmin){
				$message = NO_RIGHTS_MESSAGE;
			} else {
				$equipment->category_id = $_REQUEST["category_id"];
				$equipment->equipment_name = $_REQUEST["equipment-name"];
				$equipment->date_added = strtotime($_REQUEST["date-added"]);
				$equipment->equipment_info = isset($_REQUEST["info"]) ? $_REQUEST["info"] : null;
				if ($p = $person->select('', array("person_name" => $_REQUEST["person-name"]))){
					$equipment->owner_id = $p[0]->person_id;
				} else {
					$person->person_name = $_REQUEST["person-name"];
					$person->insert();
					$person->select('', array("person_name" => $_REQUEST["person-name"]));
					$equipment->owner_id = $person->person_id;
				}
				if ($r = $room->select('', array("room_name" => $_REQUEST["room-name"]))){
					$equipment->room_id = $r[0]->room_id;
				} else {
					$room->room_name = $_REQUEST["room-name"];
					$room->insert();
					$room->select('', array("room_name" => $_REQUEST["room-name"]));
					$equipment->room_id = $room->room_id;
				}
				$equipment->equipment_info = isset($_REQUEST["info"]) ? $_REQUEST["info"] : null;
				$success = $equipment->insert();
			}
			return array("success" => $success, "message" => $message);
		}	

		public function action_editEquipment($in_params){
			$rights = new m_rights();
			$user_id = $_SESSION["user"]["id"];
			$isAdmin = $_SESSION["user"]["security_level"] >= SECURITY_LEVEL_ADMIN;
			$equipment = new m_equipment();
			
			$equipment->select("", array("equipment_id" => $_REQUEST["equipment-id"]));
			
			$person = new m_person();
			$room = new m_room();
			$success = true;
			$message = false;
			if ($room->select('', array("room_name" => $_REQUEST["room-name"]))){
				$rights->select("", array("room_id" => $room->room_id, "user_id" => $user_id));
				$success &= $rights->add;
				if($equipment->room_id != $room->room_id){
					$rights->select("", array("room_id" => $equipment->room_id, "user_id" => $user_id));
					$success &= $rights->edit;
				}
			} else {
				$success = false;
			}
			if (!$success && !$isAdmin){
				$message = NO_RIGHTS_MESSAGE;
			} else {
				$equipment->category_id = $_REQUEST["category_id"];
				$equipment->equipment_name = $_REQUEST["equipment-name"];
				$equipment->date_added = strtotime($_REQUEST["date-added"]);
				$equipment->equipment_info = isset($_REQUEST["info"]) ? $_REQUEST["info"] : null;
				if ($p = $person->select('', array("person_name" => $_REQUEST["person-name"]))){
					$equipment->owner_id = $p[0]->person_id;
				} else {
					$person->person_name = $_REQUEST["person-name"];
					$person->insert();
					$person->select('', array("person_name" => $_REQUEST["person-name"]));
					$equipment->owner_id = $person->person_id;
				}
				if ($r = $room->select('', array("room_name" => $_REQUEST["room-name"]))){
					$equipment->room_id = $r[0]->room_id;
				} else {
					$room->room_name = $_REQUEST["room-name"];
					$room->insert();
					$room->select('', array("room_name" => $_REQUEST["room-name"]));
					$equipment->room_id = $room->room_id;
				}
				$equipment->equipment_info = isset($_REQUEST["info"]) ? $_REQUEST["info"] : null;
				$success = $equipment->update("", "equipment_id");
			}
			return array("success" => $success, "message" => $message);
		}	

		public function action_apply($in_params){
			

			
			
			$apply_right = new m_apply_rights();
			$apply_right->user_id = $_SESSION["user"]["id"];
			$apply_right->room_id = $in_params['room'];
			$apply_right->watch = !empty($in_params['watch']);
			$apply_right->add = !empty($in_params['add']);
			$apply_right->edit = !empty($in_params['edit']);
			$apply_right->delete = !empty($in_params['delete']);
			$apply_right->insert();
			general::redirect("?sub=profile");
			
		
			
		}




		public function action_deleteEquipment($in_params){
			$user_id = $_SESSION["user"]["id"];
			$isAdmin = $_SESSION["user"]["security_level"] >= SECURITY_LEVEL_ADMIN;
			
			$rights = new m_rights();
			
			$equipment = new m_equipment();
			$equipment->select('', array("equipment_id" => $_REQUEST["id"]));
			
			$rights->select('', array("room_id" => $equipment->room_id, "user_id" => $user_id));
			
			$success = 0;
			$message = false;
			if ($rights->delete == 1 || $isAdmin){
				$success = $equipment->delete("", "equipment_id");
			} else {
				$message = NO_RIGHTS_MESSAGE;
			}
			
			return array("success" => $success, "message" => $message);
		}
	}
?>